summaryrefslogtreecommitdiffstats
path: root/deploy
diff options
context:
space:
mode:
authorcarey.xu <carey.xuhan@huawei.com>2015-09-18 14:55:04 +0800
committercarey.xu <carey.xuhan@huawei.com>2015-09-18 15:23:38 +0800
commit95343d26c8d2cc9789b87a77748b3e7becd548ca (patch)
treef2850e996dd61b46829623d088c329f94b6a9c88 /deploy
parent28420aea06c161605ba07449daa38436d0911e20 (diff)
separate the mgmt vip from public vip, remove HA_VIP
Change-Id: Iaa877b7ce93ba9c12bc9be6f3bd101779f07ae9c JIRA: COMPASS-51
Diffstat (limited to 'deploy')
-rw-r--r--deploy/adapters/ansible/openstack_juno/templates/neutron-network.conf8
-rw-r--r--deploy/adapters/ansible/openstack_juno/templates/neutron.conf8
-rw-r--r--deploy/adapters/ansible/openstack_juno/templates/nova.conf12
-rw-r--r--deploy/adapters/ansible/roles/cinder-controller/templates/api-paste.ini4
-rw-r--r--deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf6
-rw-r--r--deploy/adapters/ansible/roles/cinder-controller/templates/cinder_init.sh8
-rw-r--r--deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf6
-rw-r--r--deploy/adapters/ansible/roles/dashboard/templates/local_settings.py2
-rw-r--r--deploy/adapters/ansible/roles/database/templates/my.cnf3
-rw-r--r--deploy/adapters/ansible/roles/database/templates/server.cnf2
-rw-r--r--deploy/adapters/ansible/roles/database/templates/wsrep.cnf5
-rw-r--r--deploy/adapters/ansible/roles/ext-network/tasks/main.yml8
-rw-r--r--deploy/adapters/ansible/roles/glance/templates/glance-api.conf4
-rw-r--r--deploy/adapters/ansible/roles/glance/templates/glance-registry.conf4
-rw-r--r--deploy/adapters/ansible/roles/glance/templates/image_upload.sh2
-rw-r--r--deploy/adapters/ansible/roles/ha/templates/failover.j22
-rw-r--r--deploy/adapters/ansible/roles/ha/templates/haproxy.cfg20
-rw-r--r--deploy/adapters/ansible/roles/ha/templates/keepalived.conf53
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh2
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh2
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/keystone_init44
-rw-r--r--deploy/adapters/ansible/roles/mq/templates/rabbitmq-env.conf2
-rw-r--r--deploy/adapters/ansible/roles/neutron-compute/templates/metadata_agent.ini4
-rw-r--r--deploy/adapters/ansible/roles/neutron-controller/tasks/neutron_install.yml2
-rw-r--r--deploy/adapters/ansible/roles/neutron-controller/templates/metadata_agent.ini4
-rw-r--r--deploy/adapters/ansible/roles/neutron-network/tasks/main.yml4
-rw-r--r--deploy/adapters/ansible/roles/neutron-network/templates/etc/xorp/config.boot6
-rw-r--r--deploy/adapters/ansible/roles/neutron-network/templates/metadata_agent.ini4
-rw-r--r--deploy/adapters/ansible/roles/neutron-network/vars/RedHat.yml2
-rw-r--r--deploy/adapters/ansible/roles/nova-controller/templates/metadata_agent.ini4
-rwxr-xr-xdeploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml2
-rwxr-xr-xdeploy/adapters/ansible/roles/odl_cluster/templates/akka.conf14
-rwxr-xr-xdeploy/adapters/ansible/roles/odl_cluster/templates/ml2_conf.sh2
-rw-r--r--deploy/adapters/ansible/roles/setup-network/tasks/main.yml24
-rw-r--r--deploy/adapters/ansible/roles/setup-network/templates/my_configs.debian14
-rw-r--r--deploy/conf/network_cfg.yaml13
36 files changed, 161 insertions, 145 deletions
diff --git a/deploy/adapters/ansible/openstack_juno/templates/neutron-network.conf b/deploy/adapters/ansible/openstack_juno/templates/neutron-network.conf
index df27cd47..63ac27ee 100644
--- a/deploy/adapters/ansible/openstack_juno/templates/neutron-network.conf
+++ b/deploy/adapters/ansible/openstack_juno/templates/neutron-network.conf
@@ -304,7 +304,7 @@ notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
# URL for connection to nova (Only supports one nova region currently).
-nova_url = http://{{ HA_VIP }}:8774/v2
+nova_url = http://{{ internal_vip.ip }}:8774/v2
# Name of nova region to use. Useful if keystone manages more than one region
nova_region_name = regionOne
@@ -318,7 +318,7 @@ nova_admin_username = nova
nova_admin_password = {{ NOVA_PASS }}
# Authorization URL for connection to nova in admin context.
-nova_admin_auth_url = http://{{ HA_VIP }}:35357/v2.0
+nova_admin_auth_url = http://{{ internal_vip.ip }}:35357/v2.0
# Number of seconds between sending events to nova if there are any events to send
send_events_interval = 2
@@ -392,8 +392,8 @@ report_interval = 30
# =========== end of items for agent management extension =====
[keystone_authtoken]
-auth_uri = http://{{ HA_VIP }}:5000/v2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = neutron
admin_password = {{ NEUTRON_PASS }}
diff --git a/deploy/adapters/ansible/openstack_juno/templates/neutron.conf b/deploy/adapters/ansible/openstack_juno/templates/neutron.conf
index 73128488..8a5e76ee 100644
--- a/deploy/adapters/ansible/openstack_juno/templates/neutron.conf
+++ b/deploy/adapters/ansible/openstack_juno/templates/neutron.conf
@@ -304,7 +304,7 @@ notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
# URL for connection to nova (Only supports one nova region currently).
-nova_url = http://{{ HA_VIP }}:8774/v2
+nova_url = http://{{ internal_vip.ip }}:8774/v2
# Name of nova region to use. Useful if keystone manages more than one region
nova_region_name = regionOne
@@ -319,7 +319,7 @@ nova_admin_tenant_id = {{ NOVA_ADMIN_TENANT_ID.stdout_lines[0] }}
nova_admin_password = {{ NOVA_PASS }}
# Authorization URL for connection to nova in admin context.
-nova_admin_auth_url = http://{{ HA_VIP }}:35357/v2.0
+nova_admin_auth_url = http://{{ internal_vip.ip }}:35357/v2.0
# Number of seconds between sending events to nova if there are any events to send
send_events_interval = 2
@@ -393,8 +393,8 @@ report_interval = 30
# =========== end of items for agent management extension =====
[keystone_authtoken]
-auth_uri = http://{{ HA_VIP }}:5000/v2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = neutron
admin_password = {{ NEUTRON_PASS }}
diff --git a/deploy/adapters/ansible/openstack_juno/templates/nova.conf b/deploy/adapters/ansible/openstack_juno/templates/nova.conf
index 9b4280c1..559a6d82 100644
--- a/deploy/adapters/ansible/openstack_juno/templates/nova.conf
+++ b/deploy/adapters/ansible/openstack_juno/templates/nova.conf
@@ -33,7 +33,7 @@ my_ip = {{ internal_ip }}
vnc_enabled = True
vncserver_listen = {{ internal_ip }}
vncserver_proxyclient_address = {{ internal_ip }}
-novncproxy_base_url = http://{{ HA_VIP }}:6080/vnc_auto.html
+novncproxy_base_url = http://{{ internal_vip.ip }}:6080/vnc_auto.html
novncproxy_host = {{ internal_ip }}
novncproxy_port = 6080
@@ -54,21 +54,21 @@ notification_driver = ceilometer.compute.nova_notifier
connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova
[keystone_authtoken]
-auth_uri = http://{{ HA_VIP }}:5000/2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = nova
admin_password = {{ NOVA_PASS }}
[glance]
-host = {{ HA_VIP }}
+host = {{ internal_vip.ip }}
[neutron]
-url = http://{{ HA_VIP }}:9696
+url = http://{{ internal_vip.ip }}:9696
auth_strategy = keystone
admin_tenant_name = service
admin_username = neutron
admin_password = {{ NEUTRON_PASS }}
-admin_auth_url = http://{{ HA_VIP }}:35357/v2.0
+admin_auth_url = http://{{ internal_vip.ip }}:35357/v2.0
service_metadata_proxy = True
metadata_proxy_shared_secret = {{ METADATA_SECRET }}
diff --git a/deploy/adapters/ansible/roles/cinder-controller/templates/api-paste.ini b/deploy/adapters/ansible/roles/cinder-controller/templates/api-paste.ini
index b568a179..0eb04e29 100644
--- a/deploy/adapters/ansible/roles/cinder-controller/templates/api-paste.ini
+++ b/deploy/adapters/ansible/roles/cinder-controller/templates/api-paste.ini
@@ -54,8 +54,8 @@ paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
# auth_host = 127.0.0.1
# auth_port = 35357
# auth_protocol = http
-auth_uri = http://{{ HA_VIP }}:5000/v2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = cinder
admin_password = {{ CINDER_PASS }}
diff --git a/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf b/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf
index e34fd2fa..cf41817b 100644
--- a/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf
+++ b/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf
@@ -22,7 +22,7 @@ rabbit_userid = {{ RABBIT_USER }}
rabbit_password = {{ RABBIT_PASS }}
my_ip = {{ storage_controller_host }}
-glance_host = {{ HA_VIP }}
+glance_host = {{ internal_vip.ip }}
glance_port = 9292
api_rate_limit = False
storage_availability_zone = nova
@@ -53,8 +53,8 @@ volumes_dir=/var/lib/cinder/volumes
volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver
[keystone_authtoken]
-auth_uri = http://{{ HA_VIP }}:5000/v2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = cinder
admin_password = {{ CINDER_PASS }}
diff --git a/deploy/adapters/ansible/roles/cinder-controller/templates/cinder_init.sh b/deploy/adapters/ansible/roles/cinder-controller/templates/cinder_init.sh
index 0ec61b64..abe4d06a 100644
--- a/deploy/adapters/ansible/roles/cinder-controller/templates/cinder_init.sh
+++ b/deploy/adapters/ansible/roles/cinder-controller/templates/cinder_init.sh
@@ -1,6 +1,6 @@
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=cinder --pass={{ CINDER_PASS }} --email=cinder@example.com
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user=cinder --tenant=service --role=admin
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=cinder --pass={{ CINDER_PASS }} --email=cinder@example.com
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user=cinder --tenant=service --role=admin
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name=cinder --type=volume --description="OpenStack Block Storage"
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ volume / {print $2}') --publicurl=http://{{ HA_VIP }}:8776/v1/%\(tenant_id\)s --internalurl=http://{{ HA_VIP }}:8776/v1/%\(tenant_id\)s --adminurl=http://{{ HA_VIP }}:8776/v1/%\(tenant_id\)s
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name=cinder --type=volume --description="OpenStack Block Storage"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ volume / {print $2}') --publicurl=http://{{ internal_vip.ip }}:8776/v1/%\(tenant_id\)s --internalurl=http://{{ internal_vip.ip }}:8776/v1/%\(tenant_id\)s --adminurl=http://{{ internal_vip.ip }}:8776/v1/%\(tenant_id\)s
diff --git a/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf b/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf
index aa3b8ccd..86422e93 100644
--- a/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf
+++ b/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf
@@ -21,7 +21,7 @@ rabbit_userid = {{ RABBIT_USER }}
rabbit_password = {{ RABBIT_PASS }}
my_ip = {{ storage_controller_host }}
-glance_host = {{ HA_VIP }}
+glance_host = {{ internal_vip.ip }}
glance_port = 9292
api_rate_limit = False
storage_availability_zone = nova
@@ -52,8 +52,8 @@ volumes_dir=/var/lib/cinder/volumes
volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver
[keystone_authtoken]
-auth_uri = http://{{ HA_VIP }}:5000/v2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = cinder
admin_password = {{ CINDER_PASS }}
diff --git a/deploy/adapters/ansible/roles/dashboard/templates/local_settings.py b/deploy/adapters/ansible/roles/dashboard/templates/local_settings.py
index 92c61f3e..62854e05 100644
--- a/deploy/adapters/ansible/roles/dashboard/templates/local_settings.py
+++ b/deploy/adapters/ansible/roles/dashboard/templates/local_settings.py
@@ -146,7 +146,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
# ]
-OPENSTACK_HOST = "{{ HA_VIP }}"
+OPENSTACK_HOST = "{{ internal_vip.ip }}"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
diff --git a/deploy/adapters/ansible/roles/database/templates/my.cnf b/deploy/adapters/ansible/roles/database/templates/my.cnf
index f88f4772..2023185d 100644
--- a/deploy/adapters/ansible/roles/database/templates/my.cnf
+++ b/deploy/adapters/ansible/roles/database/templates/my.cnf
@@ -45,8 +45,7 @@ skip-name-resolve
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
-#bind-address = {{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}
-bind-address = {{ HA_VIP }}
+bind-address = {{ internal_vip.ip }}
#
# * Fine Tuning
#
diff --git a/deploy/adapters/ansible/roles/database/templates/server.cnf b/deploy/adapters/ansible/roles/database/templates/server.cnf
index e0893c0f..57441ddf 100644
--- a/deploy/adapters/ansible/roles/database/templates/server.cnf
+++ b/deploy/adapters/ansible/roles/database/templates/server.cnf
@@ -15,7 +15,7 @@ max_connections = 2000
max_connect_errors = 8000
skip-host-cache
skip-name-resolve
-bind-address = {{ HA_VIP }}
+bind-address = {{ internal_vip.ip }}
#
# * Galera-related settings
#
diff --git a/deploy/adapters/ansible/roles/database/templates/wsrep.cnf b/deploy/adapters/ansible/roles/database/templates/wsrep.cnf
index 6c14b155..197640c9 100644
--- a/deploy/adapters/ansible/roles/database/templates/wsrep.cnf
+++ b/deploy/adapters/ansible/roles/database/templates/wsrep.cnf
@@ -31,8 +31,7 @@ query_cache_type=0
# Override bind-address
# In some systems bind-address defaults to 127.0.0.1, and with mysqldump SST
# it will have (most likely) disastrous consequences on donor node
-#bind-address={{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}
-bind-address={{ HA_VIP }}
+bind-address={{ internal_vip.ip }}
##
## WSREP options
@@ -56,7 +55,7 @@ wsrep_cluster_address=gcomm://{{ haproxy_hosts.values()|join(",") }}
# Base replication <address|hostname>[:port] of the node.
# The values supplied will be used as defaults for state transfer receiving,
# listening ports and so on. Default: address of the first network interface.
-wsrep_node_address={{ internal_ips[inventory_hostname] }}
+wsrep_node_address={{ internal_ip }}
# Address for incoming client connections. Autodetect by default.
#wsrep_node_incoming_address=
diff --git a/deploy/adapters/ansible/roles/ext-network/tasks/main.yml b/deploy/adapters/ansible/roles/ext-network/tasks/main.yml
index bffb995f..57ef875e 100644
--- a/deploy/adapters/ansible/roles/ext-network/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/ext-network/tasks/main.yml
@@ -4,7 +4,7 @@
login_username: ADMIN
login_password: "{{ ADMIN_PASS }}"
login_tenant_name: admin
- auth_url: "http://{{ HA_VIP }}:35357/v2.0"
+ auth_url: "http://{{ internal_vip.ip }}:35357/v2.0"
name: "{{ public_net_info.network }}"
provider_network_type: "{{ public_net_info.type }}"
provider_physical_network: "{{ public_net_info.provider_network }}"
@@ -20,7 +20,7 @@
login_username: ADMIN
login_password: "{{ ADMIN_PASS }}"
login_tenant_name: admin
- auth_url: "http://{{ HA_VIP }}:35357/v2.0"
+ auth_url: "http://{{ internal_vip.ip }}:35357/v2.0"
name: "{{ public_net_info.subnet }}"
network_name: "{{ public_net_info.network }}"
cidr: "{{ public_net_info.floating_ip_cidr }}"
@@ -38,7 +38,7 @@
login_username: ADMIN
login_password: "{{ ADMIN_PASS }}"
login_tenant_name: admin
- auth_url: "http://{{ HA_VIP }}:35357/v2.0"
+ auth_url: "http://{{ internal_vip.ip }}:35357/v2.0"
name: "{{ public_net_info.router }}"
state: present
run_once: true
@@ -49,7 +49,7 @@
login_username: ADMIN
login_password: "{{ ADMIN_PASS }}"
login_tenant_name: admin
- auth_url: "http://{{ HA_VIP }}:35357/v2.0"
+ auth_url: "http://{{ internal_vip.ip }}:35357/v2.0"
router_name: "{{ public_net_info.router }}"
network_name: "{{ public_net_info.network }}"
state: present
diff --git a/deploy/adapters/ansible/roles/glance/templates/glance-api.conf b/deploy/adapters/ansible/roles/glance/templates/glance-api.conf
index 3046ab37..737b9a3a 100644
--- a/deploy/adapters/ansible/roles/glance/templates/glance-api.conf
+++ b/deploy/adapters/ansible/roles/glance/templates/glance-api.conf
@@ -653,8 +653,8 @@ connection = mysql://glance:{{ GLANCE_DBPASS }}@{{ db_host }}/glance
#db_max_retries = 20
[keystone_authtoken]
-auth_uri = http://{{ HA_VIP }}:5000/v2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = glance
admin_password = {{ GLANCE_PASS }}
diff --git a/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf b/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf
index 8d731a24..1fedb0b5 100644
--- a/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf
+++ b/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf
@@ -173,8 +173,8 @@ connection = mysql://glance:{{ GLANCE_DBPASS }}@{{ db_host }}/glance
#db_max_retries = 20
[keystone_authtoken]
-auth_uri = http://{{ HA_VIP }}:5000/v2.0
-identity_uri = http://{{ HA_VIP }}:35357
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
admin_tenant_name = service
admin_user = glance
admin_password = {{ GLANCE_PASS }}
diff --git a/deploy/adapters/ansible/roles/glance/templates/image_upload.sh b/deploy/adapters/ansible/roles/glance/templates/image_upload.sh
index 9dd1fa8d..985707a4 100644
--- a/deploy/adapters/ansible/roles/glance/templates/image_upload.sh
+++ b/deploy/adapters/ansible/roles/glance/templates/image_upload.sh
@@ -1,2 +1,2 @@
sleep 10
-glance --os-username=admin --os-password={{ ADMIN_PASS }} --os-tenant-name=admin --os-auth-url=http://{{ HA_VIP }}:35357/v2.0 image-create --name="cirros" --disk-format=qcow2 --container-format=bare --is-public=true < /opt/{{ build_in_image_name }} && touch glance.import.completed
+glance --os-username=admin --os-password={{ ADMIN_PASS }} --os-tenant-name=admin --os-auth-url=http://{{ internal_vip.ip }}:35357/v2.0 image-create --name="cirros" --disk-format=qcow2 --container-format=bare --is-public=true < /opt/{{ build_in_image_name }} && touch glance.import.completed
diff --git a/deploy/adapters/ansible/roles/ha/templates/failover.j2 b/deploy/adapters/ansible/roles/ha/templates/failover.j2
index ebfa65f8..3b08cf2d 100644
--- a/deploy/adapters/ansible/roles/ha/templates/failover.j2
+++ b/deploy/adapters/ansible/roles/ha/templates/failover.j2
@@ -11,7 +11,7 @@ except:
pass
LOG.basicConfig(format='%(asctime)s %(message)s', datefmt='%m/%d/%Y %I:%M:%S %p', filename=LOG_FILE,level=LOG.DEBUG)
-ha_vip = {{ HA_VIP }}
+ha_vip = {{ internal_vip.ip }}
LOG.info("ha_vip: %s" % ha_vip)
#ha_vip = "10.1.0.50"
diff --git a/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg b/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
index 169182da..3c18d362 100644
--- a/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
+++ b/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
@@ -26,7 +26,7 @@ defaults
retries 5
listen proxy-glance_registry_cluster
- bind {{ HA_VIP }}:9191
+ bind {{ internal_vip.ip }}:9191
option tcpka
option tcplog
balance source
@@ -35,7 +35,7 @@ listen proxy-glance_registry_cluster
{% endfor %}
listen proxy-glance_api_cluster
- bind {{ HA_VIP }}:9292
+ bind {{ internal_vip.ip }}:9292
option tcpka
option httpchk
option tcplog
@@ -45,7 +45,7 @@ listen proxy-glance_api_cluster
{% endfor %}
listen proxy-nova-novncproxy
- bind {{ HA_VIP }}:6080
+ bind {{ internal_vip.ip }}:6080
option tcpka
option tcplog
balance source
@@ -54,7 +54,7 @@ listen proxy-nova-novncproxy
{% endfor %}
listen proxy-network
- bind {{ HA_VIP }}:9696
+ bind {{ internal_vip.ip }}:9696
option tcpka
option tcplog
balance source
@@ -63,7 +63,7 @@ listen proxy-network
{% endfor %}
listen proxy-volume
- bind {{ HA_VIP }}:8776
+ bind {{ internal_vip.ip }}:8776
option tcpka
option httpchk
option tcplog
@@ -73,7 +73,7 @@ listen proxy-volume
{% endfor %}
listen proxy-keystone_admin_cluster
- bind {{ HA_VIP }}:35357
+ bind {{ internal_vip.ip }}:35357
option tcpka
option httpchk
option tcplog
@@ -83,7 +83,7 @@ listen proxy-keystone_admin_cluster
{% endfor %}
listen proxy-keystone_public_internal_cluster
- bind {{ HA_VIP }}:5000
+ bind {{ internal_vip.ip }}:5000
option tcpka
option httpchk
option tcplog
@@ -93,7 +93,7 @@ listen proxy-keystone_public_internal_cluster
{% endfor %}
listen proxy-nova_compute_api_cluster
- bind {{ HA_VIP }}:8774
+ bind {{ internal_vip.ip }}:8774
mode tcp
option httpchk
option tcplog
@@ -103,7 +103,7 @@ listen proxy-nova_compute_api_cluster
{% endfor %}
listen proxy-nova_metadata_api_cluster
- bind {{ HA_VIP }}:8775
+ bind {{ internal_vip.ip }}:8775
option tcpka
option tcplog
balance source
@@ -112,7 +112,7 @@ listen proxy-nova_metadata_api_cluster
{% endfor %}
listen proxy-cinder_api_cluster
- bind {{ HA_VIP }}:8776
+ bind {{ internal_vip.ip }}:8776
mode tcp
option httpchk
option tcplog
diff --git a/deploy/adapters/ansible/roles/ha/templates/keepalived.conf b/deploy/adapters/ansible/roles/ha/templates/keepalived.conf
index f9f91915..f1e6db5d 100644
--- a/deploy/adapters/ansible/roles/ha/templates/keepalived.conf
+++ b/deploy/adapters/ansible/roles/ha/templates/keepalived.conf
@@ -1,41 +1,48 @@
global_defs {
-
- notification_email{
- root@huawei.com
- }
-
- notification_email_from keepalived@huawei.com
-
- smtp_server localhost
-
- smtp_connect_timeout 30
-
- router_id NodeA
-
+ router_id {{ inventory_hostname }}
}
-vrrp_instance VI_1 {
- interface {{ INTERNAL_INTERFACE }}
- virtual_router_id 51
+vrrp_instance internal_vip {
+ interface {{ internal_vip.interface }}
+ virtual_router_id {{ vrouter_id_internal }}
state BACKUP
nopreempt
+ preempt_delay 30
advert_int 1
-{% for host in groups['controller'] %}
-{% if host == inventory_hostname %}
- priority {{ 100 - loop.index0 * 5 }}
-{% endif %}
-{% endfor %}
+ priority 100
authentication {
auth_type PASS
- auth_pass 1111
+ auth_pass 1234
}
virtual_ipaddress {
- {{ HA_VIP }} dev {{ INTERNAL_INTERFACE }}
+ {{ internal_vip.ip }}/{{ internal_vip.netmask }} dev {{ internal_vip.interface }}
}
notify_master "/usr/local/bin/notify.sh master"
notify_backup "/usr/local/bin/notify.sh backup"
+
}
+#vrrp_instance public_vip {
+# interface {{ network_cfg.public_vip.interface }}
+# virtual_router_id {{ vrouter_id_public }}
+# state BACKUP
+# nopreempt
+# preempt_delay 30
+# advert_int 1
+# priority 100
+#
+# authentication {
+# auth_type PASS
+# auth_pass 4321
+# }
+#
+# virtual_ipaddress {
+# {{ network_cfg.public_vip.ip }}/{{ network_cfg.public_vip.netmask }} dev {{ network_cfg.public_vip.interface }}
+# }
+#
+#}
+#
+# notify_backup "/usr/local/bin/notify.sh backup"
diff --git a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh
index f2e0d615..544fe31d 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh
+++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh
@@ -1,6 +1,6 @@
# Verify the Identity Service installation
export OS_PASSWORD={{ ADMIN_PASS }}
export OS_TENANT_NAME=admin
-export OS_AUTH_URL=http://{{ HA_VIP }}:35357/v2.0
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0
export OS_USERNAME=ADMIN
diff --git a/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh b/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh
index 8bdc51ba..73909629 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh
+++ b/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh
@@ -1,5 +1,5 @@
export OS_USERNAME=demo
export OS_PASSWORD={{ DEMO_PASS }}
export OS_TENANT_NAME=demo
-export OS_AUTH_URL=http://{{ HA_VIP }}:35357/v2.0
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0
diff --git a/deploy/adapters/ansible/roles/keystone/templates/keystone_init b/deploy/adapters/ansible/roles/keystone/templates/keystone_init
index 0f2aec40..d9cc65a9 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/keystone_init
+++ b/deploy/adapters/ansible/roles/keystone/templates/keystone_init
@@ -1,5 +1,5 @@
set -e
-while ! keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-list; do
+while ! keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-list; do
echo "not ready"
sleep 1
done
@@ -7,41 +7,41 @@ echo "keystone is ready"
# create an administrative user
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 role-create --name=admin
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-create --name=admin --description="Admin Tenant"
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=admin --pass={{ ADMIN_PASS }} --tenant=admin --email=admin@admin.com
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user=admin --tenant=admin --role=admin
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 role-create --name=admin
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-create --name=admin --description="Admin Tenant"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=admin --pass={{ ADMIN_PASS }} --tenant=admin --email=admin@admin.com
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user=admin --tenant=admin --role=admin
# create a normal user
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-create --name=demo --description="Demo Tenant"
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=demo --pass={{ DEMO_PASS }} --tenant=demo --email=DEMO_EMAIL
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-create --name=demo --description="Demo Tenant"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=demo --pass={{ DEMO_PASS }} --tenant=demo --email=DEMO_EMAIL
# create a service tenant
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-create --name=service --description="Service Tenant"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-create --name=service --description="Service Tenant"
# regist keystone
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name=keystone --type=identity --description="OpenStack Identity"
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service_id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ identity / {print $2}') --publicurl=http://{{ HA_VIP }}:5000/v2.0 --internalurl=http://{{ HA_VIP }}:5000/v2.0 --adminurl=http://{{ HA_VIP }}:35357/v2.0
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name=keystone --type=identity --description="OpenStack Identity"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service_id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ identity / {print $2}') --publicurl=http://{{ internal_vip.ip }}:5000/v2.0 --internalurl=http://{{ internal_vip.ip }}:5000/v2.0 --adminurl=http://{{ internal_vip.ip }}:35357/v2.0
# Create a glance user that the Image Service can use to authenticate with the Identity service
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=glance --pass={{ GLANCE_PASS }} --email=glance@example.com
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user=glance --tenant=service --role=admin
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=glance --pass={{ GLANCE_PASS }} --email=glance@example.com
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user=glance --tenant=service --role=admin
#Register the Image Service with the Identity service so that other OpenStack services can locate it
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name=glance --type=image --description="OpenStack Image Service"
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ image / {print $2}') --publicurl=http://{{ HA_VIP }}:9292 --internalurl=http://{{ HA_VIP }}:9292 --adminurl=http://{{ HA_VIP }}:9292
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name=glance --type=image --description="OpenStack Image Service"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ image / {print $2}') --publicurl=http://{{ internal_vip.ip }}:9292 --internalurl=http://{{ internal_vip.ip }}:9292 --adminurl=http://{{ internal_vip.ip }}:9292
#Create a nova user that Compute uses to authenticate with the Identity Service
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=nova --pass={{ NOVA_PASS }} --email=nova@example.com
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user=nova --tenant=service --role=admin
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=nova --pass={{ NOVA_PASS }} --email=nova@example.com
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user=nova --tenant=service --role=admin
# register Compute with the Identity Service so that other OpenStack services can locate it
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name=nova --type=compute --description="OpenStack Compute"
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ compute / {print $2}') --publicurl=http://{{ HA_VIP }}:8774/v2/%\(tenant_id\)s --internalurl=http://{{ HA_VIP }}:8774/v2/%\(tenant_id\)s --adminurl=http://{{ HA_VIP }}:8774/v2/%\(tenant_id\)s
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name=nova --type=compute --description="OpenStack Compute"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ compute / {print $2}') --publicurl=http://{{ internal_vip.ip }}:8774/v2/%\(tenant_id\)s --internalurl=http://{{ internal_vip.ip }}:8774/v2/%\(tenant_id\)s --adminurl=http://{{ internal_vip.ip }}:8774/v2/%\(tenant_id\)s
# register netron user, role and service
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name neutron --pass {{ NEUTRON_PASS }} --email neutron@example.com
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user neutron --tenant service --role admin
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name neutron --type network --description "OpenStack Networking"
-keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service-id $(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ network / {print $2}') --publicurl http://{{ HA_VIP }}:9696 --adminurl http://{{ HA_VIP }}:9696 --internalurl http://{{ HA_VIP }}:9696
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name neutron --pass {{ NEUTRON_PASS }} --email neutron@example.com
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user neutron --tenant service --role admin
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name neutron --type network --description "OpenStack Networking"
+keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service-id $(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ network / {print $2}') --publicurl http://{{ internal_vip.ip }}:9696 --adminurl http://{{ internal_vip.ip }}:9696 --internalurl http://{{ internal_vip.ip }}:9696
diff --git a/deploy/adapters/ansible/roles/mq/templates/rabbitmq-env.conf b/deploy/adapters/ansible/roles/mq/templates/rabbitmq-env.conf
index 6dd7349c..377c89d7 100644
--- a/deploy/adapters/ansible/roles/mq/templates/rabbitmq-env.conf
+++ b/deploy/adapters/ansible/roles/mq/templates/rabbitmq-env.conf
@@ -1 +1 @@
-RABBITMQ_NODE_IP_ADDRESS={{ HA_VIP }}
+RABBITMQ_NODE_IP_ADDRESS={{ internal_vip.ip }}
diff --git a/deploy/adapters/ansible/roles/neutron-compute/templates/metadata_agent.ini b/deploy/adapters/ansible/roles/neutron-compute/templates/metadata_agent.ini
index 375f46c2..87937cc7 100644
--- a/deploy/adapters/ansible/roles/neutron-compute/templates/metadata_agent.ini
+++ b/deploy/adapters/ansible/roles/neutron-compute/templates/metadata_agent.ini
@@ -3,7 +3,7 @@
debug = True
# The Neutron user information for accessing the Neutron API.
-auth_url = http://{{ HA_VIP }}:5000/v2.0
+auth_url = http://{{ internal_vip.ip }}:5000/v2.0
auth_region = regionOne
# Turn off verification of the certificate for ssl
# auth_insecure = False
@@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }}
# endpoint_type = adminURL
# IP address used by Nova metadata server
-nova_metadata_ip = {{ HA_VIP }}
+nova_metadata_ip = {{ internal_vip.ip }}
# TCP Port used by Nova metadata server
nova_metadata_port = 8775
diff --git a/deploy/adapters/ansible/roles/neutron-controller/tasks/neutron_install.yml b/deploy/adapters/ansible/roles/neutron-controller/tasks/neutron_install.yml
index 9655c0b3..fce12722 100644
--- a/deploy/adapters/ansible/roles/neutron-controller/tasks/neutron_install.yml
+++ b/deploy/adapters/ansible/roles/neutron-controller/tasks/neutron_install.yml
@@ -10,7 +10,7 @@
with_items: services | union(services_noarch)
- name: get tenant id to fill neutron.conf
- shell: keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-get service | grep id | awk '{print $4}'
+ shell: keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-get service | grep id | awk '{print $4}'
register: NOVA_ADMIN_TENANT_ID
- name: update neutron conf
diff --git a/deploy/adapters/ansible/roles/neutron-controller/templates/metadata_agent.ini b/deploy/adapters/ansible/roles/neutron-controller/templates/metadata_agent.ini
index 375f46c2..87937cc7 100644
--- a/deploy/adapters/ansible/roles/neutron-controller/templates/metadata_agent.ini
+++ b/deploy/adapters/ansible/roles/neutron-controller/templates/metadata_agent.ini
@@ -3,7 +3,7 @@
debug = True
# The Neutron user information for accessing the Neutron API.
-auth_url = http://{{ HA_VIP }}:5000/v2.0
+auth_url = http://{{ internal_vip.ip }}:5000/v2.0
auth_region = regionOne
# Turn off verification of the certificate for ssl
# auth_insecure = False
@@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }}
# endpoint_type = adminURL
# IP address used by Nova metadata server
-nova_metadata_ip = {{ HA_VIP }}
+nova_metadata_ip = {{ internal_vip.ip }}
# TCP Port used by Nova metadata server
nova_metadata_port = 8775
diff --git a/deploy/adapters/ansible/roles/neutron-network/tasks/main.yml b/deploy/adapters/ansible/roles/neutron-network/tasks/main.yml
index d1052897..7d643d5a 100644
--- a/deploy/adapters/ansible/roles/neutron-network/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/neutron-network/tasks/main.yml
@@ -66,8 +66,8 @@
- meta: flush_handlers
-- include: igmp-router.yml
- when: "'vxlan' in {{ NEUTRON_TUNNEL_TYPES }} and ansible_os_family == 'Debian'"
+#- include: igmp-router.yml
+# when: "'vxlan' in {{ NEUTRON_TUNNEL_TYPES }} and ansible_os_family == 'Debian'"
- name: assert kernel support for vxlan
command: modinfo -F version vxlan
diff --git a/deploy/adapters/ansible/roles/neutron-network/templates/etc/xorp/config.boot b/deploy/adapters/ansible/roles/neutron-network/templates/etc/xorp/config.boot
index 32caf96d..426a8fd1 100644
--- a/deploy/adapters/ansible/roles/neutron-network/templates/etc/xorp/config.boot
+++ b/deploy/adapters/ansible/roles/neutron-network/templates/etc/xorp/config.boot
@@ -1,6 +1,6 @@
interfaces {
restore-original-config-on-shutdown: false
- interface {{ hostvars[inventory_hostname][neutron_vxlan_interface|default(internal_interface)]['device'] }} {
+ interface {{ internal_nic }} {
description: "Internal pNodes interface"
disable: false
default-system-config
@@ -10,8 +10,8 @@ interfaces {
protocols {
igmp {
disable: false
- interface {{ hostvars[inventory_hostname][neutron_vxlan_interface|default(internal_interface)]['device'] }} {
- vif {{ hostvars[inventory_hostname][neutron_vxlan_interface|default(internal_interface)]['device'] }} {
+ interface {{ internal_nic }} {
+ vif {{ internal_nic }} {
disable: false
version: 3
}
diff --git a/deploy/adapters/ansible/roles/neutron-network/templates/metadata_agent.ini b/deploy/adapters/ansible/roles/neutron-network/templates/metadata_agent.ini
index 375f46c2..87937cc7 100644
--- a/deploy/adapters/ansible/roles/neutron-network/templates/metadata_agent.ini
+++ b/deploy/adapters/ansible/roles/neutron-network/templates/metadata_agent.ini
@@ -3,7 +3,7 @@
debug = True
# The Neutron user information for accessing the Neutron API.
-auth_url = http://{{ HA_VIP }}:5000/v2.0
+auth_url = http://{{ internal_vip.ip }}:5000/v2.0
auth_region = regionOne
# Turn off verification of the certificate for ssl
# auth_insecure = False
@@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }}
# endpoint_type = adminURL
# IP address used by Nova metadata server
-nova_metadata_ip = {{ HA_VIP }}
+nova_metadata_ip = {{ internal_vip.ip }}
# TCP Port used by Nova metadata server
nova_metadata_port = 8775
diff --git a/deploy/adapters/ansible/roles/neutron-network/vars/RedHat.yml b/deploy/adapters/ansible/roles/neutron-network/vars/RedHat.yml
index c6c9bd85..14fd7731 100644
--- a/deploy/adapters/ansible/roles/neutron-network/vars/RedHat.yml
+++ b/deploy/adapters/ansible/roles/neutron-network/vars/RedHat.yml
@@ -11,4 +11,4 @@ openvswitch_agent: neutron-openvswitch-agent
xorp_packages:
- openssl098e
-# - xorp
+ #- xorp
diff --git a/deploy/adapters/ansible/roles/nova-controller/templates/metadata_agent.ini b/deploy/adapters/ansible/roles/nova-controller/templates/metadata_agent.ini
index 375f46c2..87937cc7 100644
--- a/deploy/adapters/ansible/roles/nova-controller/templates/metadata_agent.ini
+++ b/deploy/adapters/ansible/roles/nova-controller/templates/metadata_agent.ini
@@ -3,7 +3,7 @@
debug = True
# The Neutron user information for accessing the Neutron API.
-auth_url = http://{{ HA_VIP }}:5000/v2.0
+auth_url = http://{{ internal_vip.ip }}:5000/v2.0
auth_region = regionOne
# Turn off verification of the certificate for ssl
# auth_insecure = False
@@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }}
# endpoint_type = adminURL
# IP address used by Nova metadata server
-nova_metadata_ip = {{ HA_VIP }}
+nova_metadata_ip = {{ internal_vip.ip }}
# TCP Port used by Nova metadata server
nova_metadata_port = 8775
diff --git a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
index 33ab6841..f301cba2 100755
--- a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
+++ b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
@@ -29,7 +29,7 @@
# service openvswitch-switch start ;
- name: Set OpenDaylight as the manager
- command: su -s /bin/sh -c "ovs-vsctl set-manager tcp:{{ HA_VIP }}:6640;"
+ command: su -s /bin/sh -c "ovs-vsctl set-manager tcp:{{ internal_vip.ip }}:6640;"
#- name: start and disable Neutron's agent services
# service: name=neutron-plugin-openvswitch-agent state=started
diff --git a/deploy/adapters/ansible/roles/odl_cluster/templates/akka.conf b/deploy/adapters/ansible/roles/odl_cluster/templates/akka.conf
index 318a8729..77798498 100755
--- a/deploy/adapters/ansible/roles/odl_cluster/templates/akka.conf
+++ b/deploy/adapters/ansible/roles/odl_cluster/templates/akka.conf
@@ -28,7 +28,7 @@ odl-cluster-data {
remote {
log-remote-lifecycle-events = off
netty.tcp {
- hostname = "{{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}"
+ hostname = "{{ hostvars[inventory_hostname]['ansible_' + internal_nic].ipv4.address }}"
port = 2550
maximum-frame-size = 419430400
send-buffer-size = 52428800
@@ -40,9 +40,9 @@ odl-cluster-data {
seed-nodes = [
{% for host in groups['odl'] %}
{% if loop.last %}
- "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2550"
+ "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2550"
{% else %}
- "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2550",
+ "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2550",
{% endif %}
{% endfor %}
]
@@ -53,7 +53,7 @@ odl-cluster-data {
{% set key = 0 %}
{% for host in groups['odl'] %}
{% set key = key + 1 %}
- {% if hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address == hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address %}
+ {% if hostvars[host]['ansible_' + internal_nic].ipv4.address == hostvars[inventory_hostname]['ansible_' + internal_nic].ipv4.address %}
"member-{{ key }}"
{% endif %}
{% endfor %}
@@ -83,7 +83,7 @@ odl-cluster-rpc {
remote {
log-remote-lifecycle-events = off
netty.tcp {
- hostname = "{{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}"
+ hostname = "{{ hostvars[inventory_hostname]['ansible_' + internal_nic].ipv4.address }}"
port = 2551
}
}
@@ -92,9 +92,9 @@ odl-cluster-rpc {
seed-nodes = [
{% for host in groups['odl'] %}
{% if loop.last %}
- "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2551"
+ "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2551"
{% else %}
- "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2551",
+ "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2551",
{% endif %}
{% endfor %}
]
diff --git a/deploy/adapters/ansible/roles/odl_cluster/templates/ml2_conf.sh b/deploy/adapters/ansible/roles/odl_cluster/templates/ml2_conf.sh
index 7f61d367..77c55656 100755
--- a/deploy/adapters/ansible/roles/odl_cluster/templates/ml2_conf.sh
+++ b/deploy/adapters/ansible/roles/odl_cluster/templates/ml2_conf.sh
@@ -2,5 +2,5 @@ cat <<EOT>> /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2_odl]
password = admin
username = admin
-url = http://{{ HA_VIP }}:8080/controller/nb/v2/neutron
+url = http://{{ internal_vip.ip }}:8080/controller/nb/v2/neutron
EOT
diff --git a/deploy/adapters/ansible/roles/setup-network/tasks/main.yml b/deploy/adapters/ansible/roles/setup-network/tasks/main.yml
index 94816044..8df1ac3a 100644
--- a/deploy/adapters/ansible/roles/setup-network/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/setup-network/tasks/main.yml
@@ -15,24 +15,24 @@
when: 'item["type"] == "ovs"'
- name: setup sys intf
- shell: ip link del {{ item["name"] }}; \
- ip link add link {{ item["interface"] }} name {{ item["name"] }} type vlan id {{ item["vlan_tag"] }}; \
- ip link set {{ item["interface"] }} up
- when: '"vlan_tag" in item'
- with_items: "{{ network_cfg['sys_intf_mappings'] }}"
+ shell: ip link del {{ item.key }}; \
+ ip link add link {{ item.value["interface"] }} name {{ item.key }} type vlan id {{ item.value["vlan_tag"] }}; \
+ ip link set {{ item.value["interface"] }} up
+ when: '"vlan_tag" in item.value and item.value["type"] == "vlan"'
+ with_dict: "{{ sys_intf_mappings }}"
- name: set sys intf ip
- shell: ip addr del {{ item["ip"] }}/{{ item["netmask"] }} dev {{ item["alias"] }}; \
- ip addr add {{ item["ip"] }}/{{ item["netmask"] }} dev {{ item["alias"] }}; \
- ip link set {{ item["alias"] }} up
- with_items: "{{ host_ip_settings }}"
+ shell: ip addr del {{ item.value["ip"] }}/{{ item.value["netmask"] }} dev {{ item.value["alias"] }}; \
+ ip addr add {{ item.value["ip"] }}/{{ item.value["netmask"] }} dev {{ item.value["alias"] }}; \
+ ip link set {{ item.value["alias"] }} up
+ with_dict: "{{ host_ip_settings }}"
- name: set gateway
shell: ip route del default; \
- ip route add default via {{ item["gw"] }} dev {{ item["alias"] }}
- when: '"gw" in item'
- with_items: "{{ host_ip_settings }}"
+ ip route add default via {{ item.value["gw"] }} dev {{ item.key }}
+ when: '"gw" in item.value'
+ with_dict: "{{ host_ip_settings }}"
- name: copy net config
template: src=my_configs.debian dest=/etc/network/interfaces.d/my_configs.cfg
diff --git a/deploy/adapters/ansible/roles/setup-network/templates/my_configs.debian b/deploy/adapters/ansible/roles/setup-network/templates/my_configs.debian
index 54031ed4..5ab1519b 100644
--- a/deploy/adapters/ansible/roles/setup-network/templates/my_configs.debian
+++ b/deploy/adapters/ansible/roles/setup-network/templates/my_configs.debian
@@ -1,16 +1,14 @@
-{%- for intf in host_ip_settings %}
+{%- for alias, intf in host_ip_settings.items() %}
-auto {{ intf["alias"] }}
-iface {{ intf["alias"] }} inet static
+auto {{ alias }}
+iface {{ alias }} inet static
address {{ intf["ip"] }}
netmask {{ intf["netmask"] }}
{% if "gw" in intf %}
gateway {{ intf["gw"] }}
{% endif %}
-{% for sys_intf in network_cfg["sys_intf_mappings"] %}
-{% if "vlan_tag" in sys_intf and sys_intf["name"] == intf["alias"] %}
- pre-up ip link set {{ sys_intf["interface"] }} up
- pre-up ip link add link {{ sys_intf["interface"] }} name {{ sys_intf["name"] }} type vlan id {{ sys_intf["vlan_tag"] }}
+{% if intf["name"] == alias %}
+ pre-up ip link set {{ sys_intf_mappings[alias]["interface"] }} up
+ pre-up ip link add link {{ sys_intf_mappings[alias]["interface"] }} name {{ alias }} type vlan id {{ sys_intf_mappings[alias]["vlan_tag"] }}
{% endif %}
{% endfor %}
-{% endfor %}
diff --git a/deploy/conf/network_cfg.yaml b/deploy/conf/network_cfg.yaml
index 8d8d3216..a5f2c791 100644
--- a/deploy/conf/network_cfg.yaml
+++ b/deploy/conf/network_cfg.yaml
@@ -14,6 +14,7 @@ sys_intf_mappings:
- name: mgmt
interface: eth1
vlan_tag: 2
+ type: vlan
role:
- controller
- compute
@@ -21,6 +22,7 @@ sys_intf_mappings:
- name: storage
interface: eth1
vlan_tag: 3
+ type: vlan
role:
- controller
- compute
@@ -28,6 +30,7 @@ sys_intf_mappings:
- name: external
interface: br-prv
vlan_tag: 4
+ type: vlan
role:
- controller
- compute
@@ -61,6 +64,16 @@ ip_settings:
- controller
- compute
+internal_vip:
+ ip: 172.16.1.222
+ netmask: "24"
+ interface: mgmt
+
+public_vip:
+ ip: 172.16.3.222
+ netmask: "24"
+ interface: external
+
public_net_info:
enable: False
network: ext-net